Mobile Device Connector prerequisites - Linux
The following prerequisites must be met to install Mobile Device Connector on Linux:
•A Database Server already installed and configured with a root account (a user account does not have to be created before installation, the installer can create the account).
•An ODBC Driver for the connection to the database server (MySQL / Microsoft SQL) installed on the computer. See the chapter ODBC installation and configuration.
You should use unixODBC_23 package (not the default unixODBC) in order for the MDC to connect to the MySQL database without any issues. This is especially true for SUSE Linux. |
We recommend that you deploy your MDM component on a host device separate from the one ESET PROTECT Server is hosted on. |
•MDMCore installation file set as an executable.
chmod +x mdmcore-linux-x86_64.sh
•After installation, verify that MDMCore service is running.
sudo systemctl status eramdmcore
•We recommend that you use the latest version of OpenSSL 1.1.1. ESET Management Agent also supports OpenSSL 3.x. The minimum supported version of OpenSSL for Linux is openssl-1.0.1e-30. There can be more versions of OpenSSL installed on one system simultaneously. At least one supported version must be present on your system.
oUse the command openssl version to show the current default version.
oYou can list all versions of OpenSSL present on your system. See the filename endings listed using the command sudo find / -iname *libcrypto.so*
oVerify if your Linux client is compatible using the following command: openssl s_client -connect google.com:443 -tls1_2
ESET PROTECT Server/MDM do not support OpenSSL 3.x. ESET Management Agent supports OpenSSL 3.x. |
If your MDM database on MySQL is too large (thousands of devices) the default innodb_buffer_pool_size value is too small. For more information on database optimizing see: https://dev.mysql.com/doc/refman/5.6/en/optimizing-innodb-diskio.html |
Certificate requirements
•You will need an SSL certificate in .pfx format for secure communication over HTTPS. We recommend that you use a certificate provided by a third-party Certification Authority. Self-signed certificates (including certificates signed by the ESET PROTECT CA) are not recommended because not all mobile devices let users accept self-signed certificates.
•You need to have a certificate signed by CA and the corresponding private key, and utilize standard procedures (traditionally using OpenSSL), to merge those into one .pfx file:
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out httpsCredentials.pfx
This is the standard procedure for most servers which use SSL certificates.
•For Offline installation, you will also need a Peer certificate (the Agent certificate exported from ESET PROTECT). Alternatively, you can use your custom certificate with ESET PROTECT.